It may be possible to obtain limited administrative privileges without valid credentials. The vulnerability affects access over SSH; access through WebUI and the serial port is not affected. The vulnerability does not provide "root" level access.